Data breach at New York university potentially affects 47,000 citizens

Author

Original post of this article

Data breach at New York university potentially affects 47,000 citizens


Jessica Haworth

16 August 2021 at 12:54 UTC

Updated: 16 August 2021 at 12:57 UTC

Thousands of Social Security numbers may have been compromised

A data breach at a New York university has potentially exposed the personal information of nearly 47,000 individuals

A data breach at a New York university has potentially exposed the personal information of nearly 47,000 individuals.

The Research Foundation for the State University of New York (SUNY) announced it detected unauthorized access to its networks earlier this year.

The incident was discovered on July 14, and reportedly involved Social Security numbers.

Read more of the latest data breach news

A total of more than 46,700 individuals are said to be impacted by the data breach, although it’s not stated whether these people are employees, donors, or others who might be linked to the organizations.

A security advisory (PDF) hosted on the office of the Maine Attorney General’s website offers more details about the incident:

We recently discovered unusual network activity that caused certain systems in our network to become unavailable.

We immediately began an investigation, a cybersecurity firm was engaged, and measures were taken to address the incident and to restore the systems.

We also notified law enforcement and worked to support its investigation. Research Foundation learned that there was unauthorized activity in Research Foundation’s network between May 22, 2021, and July 9, 2021. During that time, an unauthorized party obtained files stored on Research Foundation’s file servers.

The organization has pledged to provide eligible individuals a complimentary, one-year credit monitoring and identity theft protection services.

Security overhaul

“To help prevent something like this from happening again, Research Foundation is taking and has taken steps to further enhance the security of its network,” the foundation said.

These steps include the implementation of multi-factor authentication and deploying an endpoint detection and response tool throughout its network.

READ Data breach class actions: US Supreme Court decision may tilt the odds in favor of defendant organizations

More
articles